Bug 2221662 (CVE-2022-24834) - CVE-2022-24834 redis: heap overflow in the lua cjson and cmsgpack libraries
Summary: CVE-2022-24834 redis: heap overflow in the lua cjson and cmsgpack libraries
Keywords:
Status: NEW
Alias: CVE-2022-24834
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2222024 2221671 2221672 2221674 2221675 2221676 2221677 2221678 2221679 2221681 2221682 2221692 2221693 2222025
Blocks: 2221650
Reported: 2023-07-10 14:50 UTC by Zack Miele
Modified: 2025-04-01 08:28 UTC (History)

Fixed In Version: redis 7.0.12, redis 6.2.13, redis 6.0.20
Clone Of:
Environment:
Last Closed:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:0698 0 None None None 2025-01-27 02:35:11 UTC
Red Hat Product Errata RHSA-2025:0595 0 None None None 2025-01-22 10:35:57 UTC
Red Hat Product Errata RHSA-2025:0693 0 None None None 2025-01-27 01:25:17 UTC

Description Zack Miele 2023-07-10 14:50:00 UTC
CVE-2022-24834 - A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users.

https://github.com/redis/redis/security/advisories/GHSA-p8x2-9v9q-c838
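
A triage helper for the fix versions listed in this bug (redis 7.0.12, 6.2.13 and 6.0.20), added here as an example and not part of the bug report or of the Redis project: it parses the `redis_version` field from `INFO server` output and decides, branch by branch, whether a running build is at or past the fixed level. The sample INFO text is constructed; the rule that branches newer than 7.0 carry the fix is an assumption, and an older branch with no fix listed here (for example 5.0) is reported as not fixed, consistent with the advisory's "all versions since 2.6".

```python
"""Check whether a Redis build is at or past the fix for CVE-2022-24834.

Added example for triage from a defender's side; it only compares version
numbers and does not interact with the vulnerable code paths.
"""
import re

# Fixed-in versions as listed in the bug's "Fixed In Version" field,
# keyed by (major, minor) branch.
FIXED_IN = {
    (7, 0): (7, 0, 12),
    (6, 2): (6, 2, 13),
    (6, 0): (6, 0, 20),
}

# Lua scripting (and with it the affected cjson/cmsgpack code) appeared in 2.6.
FIRST_AFFECTED = (2, 6, 0)

# Matches the redis_version line of `INFO server` output.
VERSION_RE = re.compile(r"^redis_version:(\d+)\.(\d+)\.(\d+)", re.M)

# Constructed sample of `INFO server` output (not captured from a real host).
SAMPLE_INFO = """# Server
redis_version:6.2.7
redis_git_sha1:00000000
redis_mode:standalone
"""


def parse_redis_version(info_server: str) -> tuple:
    """Extract the (major, minor, patch) triple from INFO server output."""
    m = VERSION_RE.search(info_server)
    if not m:
        raise ValueError("redis_version not found in INFO output")
    return tuple(int(x) for x in m.groups())


def is_fixed(version: tuple) -> bool:
    """True if this build is not affected or carries the fix.

    - Builds before 2.6 have no Lua scripting, so the affected libraries are absent.
    - On a branch listed in FIXED_IN, the patch level must reach the fixed release.
    - Branches newer than the newest listed one are assumed to include the fix.
    - Any other (older, unlisted) branch has no fix listed and is treated as affected.
    """
    if version < FIRST_AFFECTED:
        return True
    branch = version[:2]
    if branch in FIXED_IN:
        return version >= FIXED_IN[branch]
    return branch > max(FIXED_IN)  # assumption: later branches inherit the fix


def assess(info_server: str) -> dict:
    """Parse INFO output and report the version plus its fixed/affected status."""
    v = parse_redis_version(info_server)
    return {"version": ".".join(map(str, v)), "fixed": is_fixed(v)}


if __name__ == "__main__":
    print(assess(SAMPLE_INFO))
```

A build reported as not fixed is still only exposed to clients that are authenticated and permitted to run scripts, so the version result should be read together with the instance's ACL configuration rather than as proof of reachability.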

Comment 3 TEJ RATHI 2023-07-11 15:00:13 UTC
Created redis tracking bugs for this issue:

Affects: epel-all [bug 2222024]
Affects: fedora-all [bug 2222025]

Comment 7 errata-xmlrpc 2025-01-22 10:35:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:0595 https://access.redhat.com/errata/RHSA-2025:0595

Comment 8 errata-xmlrpc 2025-01-27 01:25:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:0693 https://access.redhat.com/errata/RHSA-2025:0693
